{"title":"针对云基础设施的加密劫持攻击实例研究","authors":"K.P.K.C. Jayasinghe, Guhanathan Poravi","doi":"10.1145/3379310.3379323","DOIUrl":null,"url":null,"abstract":"Cryptojacking is the act of using an individual's or an organization's computational power in order to mine cryptocurrency. In some scenarios, this can be considered as a monetization strategy, very much similar to advertisements. But to do so without the explicit consent of the computer owners is considered illegitimate. During previous years, attackers' focus was heavily laid on browser-based cryptojacking. However, it was noted that the attackers are now shifting their attention to more robust, more superior targets, such as cloud servers and cloud infrastructure. This paper analyses 11 forms of practical scenarios of cryptojacking attacks that are targeted towards cloud infrastructure. We carefully look at their similarities and properties, comparing those features with the limitations of existing literature regarding the detection systems. In this paper, we survey the attack forms, and we also survey the limitations of existing literature as an attempt to outline the research gap between the practical scenarios and existing work.","PeriodicalId":348326,"journal":{"name":"Proceedings of the 2020 2nd Asia Pacific Information Technology Conference","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"A Survey of Attack Instances of Cryptojacking Targeting Cloud Infrastructure\",\"authors\":\"K.P.K.C. Jayasinghe, Guhanathan Poravi\",\"doi\":\"10.1145/3379310.3379323\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cryptojacking is the act of using an individual's or an organization's computational power in order to mine cryptocurrency. In some scenarios, this can be considered as a monetization strategy, very much similar to advertisements. But to do so without the explicit consent of the computer owners is considered illegitimate. During previous years, attackers' focus was heavily laid on browser-based cryptojacking. However, it was noted that the attackers are now shifting their attention to more robust, more superior targets, such as cloud servers and cloud infrastructure. This paper analyses 11 forms of practical scenarios of cryptojacking attacks that are targeted towards cloud infrastructure. We carefully look at their similarities and properties, comparing those features with the limitations of existing literature regarding the detection systems. In this paper, we survey the attack forms, and we also survey the limitations of existing literature as an attempt to outline the research gap between the practical scenarios and existing work.\",\"PeriodicalId\":348326,\"journal\":{\"name\":\"Proceedings of the 2020 2nd Asia Pacific Information Technology Conference\",\"volume\":\"71 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-01-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2020 2nd Asia Pacific Information Technology Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3379310.3379323\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2020 2nd Asia Pacific Information Technology Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3379310.3379323","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Survey of Attack Instances of Cryptojacking Targeting Cloud Infrastructure
Cryptojacking is the act of using an individual's or an organization's computational power in order to mine cryptocurrency. In some scenarios, this can be considered as a monetization strategy, very much similar to advertisements. But to do so without the explicit consent of the computer owners is considered illegitimate. During previous years, attackers' focus was heavily laid on browser-based cryptojacking. However, it was noted that the attackers are now shifting their attention to more robust, more superior targets, such as cloud servers and cloud infrastructure. This paper analyses 11 forms of practical scenarios of cryptojacking attacks that are targeted towards cloud infrastructure. We carefully look at their similarities and properties, comparing those features with the limitations of existing literature regarding the detection systems. In this paper, we survey the attack forms, and we also survey the limitations of existing literature as an attempt to outline the research gap between the practical scenarios and existing work.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
